the verifier allows only BPF_ADD instruction on a
FRAME_PTR reigster to forge PTR_TO_STACK register, but makes BPF_SUB
on FRAME_PTR reigster to get a UNKNOWN_VALUE register.
This patch fix it by adding BPF_SUB in stack_relative checking.
Signed-off-by: Wang Nan wangn...@huawei.com
---
V1 is incorrect
the verifier allows only BPF_ADD instruction on a
FRAME_PTR reigster to forge PTR_TO_STACK register, but makes BPF_SUB
on FRAME_PTR reigster to get a UNKNOWN_VALUE register.
This patch fix it by adding BPF_SUB in stack_relative checking.
Signed-off-by: Wang Nan wangn...@huawei.com
---
kernel/bpf/verifier.c
.): 23285400229
...
# Samples: 11K of event 'instructions'
# Event count (approx.): 14969050259
Signed-off-by: Wang Nan <wangn...@huawei.com>
Cc: Arnaldo Carvalho de Melo <a...@redhat.com>
Cc: Alexei Starovoitov <a...@plumgrid.com>
Cc: Peter Zijlstra <a.p.zijls...@chello.n
Add hexdamical u32 to base data type, which is useful for raw output
because raw data are u32 aligned.
Signed-off-by: Wang Nan <wangn...@huawei.com>
Cc: Alexei Starovoitov <a...@plumgrid.com>
Cc: Arnaldo Carvalho de Melo <a...@kernel.org>
Cc: Brendan Gregg <brendan.d.gr..
ontinue
raw_data = event['raw_data']
print(raw_data[0] + raw_data[1] << 32, raw_data[2]));
Signed-off-by: Wang Nan <wangn...@huawei.com>
Cc: Alexei Starovoitov <a...@plumgrid.com>
Cc: Arnaldo Carvalho de Melo <a...@kernel.org>
Cc: Brendan Gregg <brendan.d.gr..
ata = event['raw_data']
print(raw_data[0] + raw_data[1] << 32, raw_data[2]));
Wang Nan (4):
perf tools: Enable pre-event inherit setting by config terms
perf tools: Introduce bpf-output event
perf data: Add u32_hex data type
perf data: Support converting dat
sys_write
perf 12927 [004] 355971.129279: 0 evt=bpf-output/no-inherit/:
811ed5f1 sys_write
...
Signed-off-by: Wang Nan <wangn...@huawei.com>
Cc: Alexei Starovoitov <a...@plumgrid.com>
Cc: Arnaldo Carvalho de Melo <a...@redhat.com>
Cc: Brendan G
rectly.
Wang Nan added:
This patch requires a name for each BPF map, so array of BPF maps is
not allowed. This restriction is reasonable, because kernel verifier
forbid indexing BPF map from such array unless the index is a fixed
value, but if the index is fixed why not merging it int